Console · Join as Provider · API Access · Releases
Make any Apple Silicon Mac a remote-addressable MLX inference endpoint. Built on mlx-lm. OpenAI-compatible API. Every response carries a signed receipt binding (prompt, output, provider) verifiable with the open-source macprovider-verify CLI — verifiable inference, without a datacenter.
A lot of the most interesting LLM applications — long-running personal agents, privacy-sensitive tooling, dev workflows that hammer a model thousands of times a day — don't really belong in a cloud datacenter. But the moment you want your Mac's MLX endpoint to be reachable from somewhere that isn't localhost, you fall off a cliff: auth, tunneling, multi-tenant routing, observability, none of it exists out of the box. MacProvider is a thin layer over mlx-lm that fills that gap.
| For Providers | For Buyers |
|---|---|
| Run MLX models locally on any M1+ Mac | OpenAI-compatible /v1/chat/completions endpoint |
| Outbound WebSocket only — no port-forwarding needed | Route to the full pool or pin to a specific provider |
| Choose which models to serve from your Mac | Pay only for compute, no subscription required |
| Manage your node at portal.streamvc.live | Chat and monitor at console.streamvc.live |
console.streamvc.live is the buyer-facing front end. Today it ships two views:
- Browser chat. Send requests to the network directly from the browser, with session history.
- Pool dashboard. Monitor live provider pool status and which models are warm.
portal.streamvc.live is the provider-facing front end. Sign in with your provider_id + provider_token to see your Mac's setup, earnings, identity, and the latest installer release. See SPEC-014 for the surface contract.
Provider Mac (MLX)
└── outbound WS ──▶ MacProvider
(pool · routing · billing)
│
┌─────────────┴─────────────┐
│ │
api.streamvc.live/v1 console.streamvc.live
(OpenAI-compatible) (web front end)
New public installs join as provisional providers over outbound WebSocket tunneling and can be promoted to pinned by the operator after observation. No inbound port-forwarding is required on the provider Mac.
For production public onboarding, the coordinator must run with both token gates set explicitly:
auth:
require_provider_tokens: true
allow_tokenless_provisional_bootstrap: truerequire_provider_tokens keeps normal provider reconnects fail-closed. allow_tokenless_provisional_bootstrap only admits the first tokenless provisional connect far enough to mint and persist its own provider_token; pinned providers and provider IDs whose active token has already been used still reject tokenless reconnects. Invite-only deployments can set the bootstrap flag to false, but then new Macs need an operator-preprovisioned provider_token.
Trust model — what the coordinator sees: prompts and responses pass through the gateway to enable routing and billing. Model weights stay on the provider Mac and never leave. Buyer prompts and provider responses are processed as plaintext on provider hardware — providers can technically observe prompts and outputs that route through their machine. This is acceptable for cooperative deployments where buyer and provider have an established trust relationship; it is NOT a private-inference guarantee. A self-hosted coordinator is on the roadmap for buyers who need local-only trust.
Run on any Apple Silicon Mac (M1 or newer, macOS 14+):
curl -fsSL https://get.streamvc.live/install.sh | bashThe installer:
- Picks a recommended MLX model based on available RAM (you can override)
- Asks for a stable provider handle used as your pool identity
- Downloads and verifies the latest
macprovider-clirelease against a signed checksum manifest - Installs under
~/macproviderand sets up a user-level launchd service - Runs a local
/v1/modelscheck and a coordinator pool visibility check
Security note: curl | bash gives the downloaded script control of your user account. Inspect first if you prefer:
curl -fsSL https://get.streamvc.live/install.sh -o install.sh
less install.sh
bash install.shThe binary is checksum-verified against a signed release manifest. macOS quarantine (xattr) is cleared with your approval during install. Developer ID signing and notarization are planned for a future release.
Base URL: https://api.streamvc.live
The API is OpenAI-compatible — swap in your existing client:
from openai import OpenAI
client = OpenAI(
base_url="https://api.streamvc.live/v1",
api_key="<your-api-key>",
)
response = client.chat.completions.create(
model="mlx-community/Llama-3.2-3B-Instruct-4bit",
messages=[{"role": "user", "content": "Hello"}],
)
print(response.choices[0].message.content)Get an API key → api.streamvc.live/auth/github/start
API reference → api.streamvc.live/docs#api-reference
For tool-calling responses, emitted tool_calls[] reflect model output, not provider-verified intent; buyer-side agent frameworks MUST validate before execution. MacProvider v0.1 tool calling is a first-turn OpenAI wire-shape compatibility surface: it can emit parsed assistant tool_calls[] from recognized model/template output, but it is not a complete multi-turn agent loop. Second-turn role:"tool" messages or assistant-history tool_calls[] remain intentionally unsupported until a later SPEC-018 revision. MacProvider transports the parsed OpenAI-compatible shape; it does not decide whether a requested tool name or argument payload is safe for your agent policy.
Latest release and signed binaries: github.com/augustas11/macprovider/releases (badge above auto-updates).
✅ Signed inference receipts — Shipped in v1.0.0. The SPEC-015 v0.2 verifier is available as the open-source macprovider-verify CLI.
✅ OpenAI-compatible tool calling — Shipped for first-turn recognized MLX tool-call templates. Requests with tools are rendered through the MLX chat template, and Qwen-style <tool_call>...</tool_call> or Llama 3.3-style <|python_tag|>...<|eom_id|> outputs emit choices[0].message.tool_calls[] with function.arguments as a JSON string. This v0.1 surface is a wire-shape compatibility certificate, not full multi-turn agent-loop support; second-turn role:"tool" messages and assistant-history tool_calls[] are rejected as unsupported. Other models safely fall back to normal assistant text unless their model ID and template emit one of those recognized formats. See examples/tool_calling_demo.py.
Every request through MacProvider carries a signed receipt that lets the caller later prove which provider signed the canonical prompt/output binding. The receipt is issued on the response path and signed with the provider's receipt key:
{
"model": "mlx-community/Llama-3.2-3B-Instruct-4bit",
"prompt_hash": "sha256:7c3f...",
"output_hash": "sha256:9b2a...",
"provider_id": "m1-anon",
"provider_pubkey": "ed25519:...",
"ttft_ms": 646,
"tokens_out": 142,
"ts": "2026-06-04T12:34:56Z",
"sig": "ed25519:..."
}What this enables:
- Audit trail. A buyer can prove an inference happened, on which model, at which provider — without trusting the gateway to be honest after the fact.
- Provider accountability. Disputes over output quality or downtime become resolvable from receipts rather than from memory.
- New compositions. Receipts can be replayed into systems that don't trust the issuer but trust the signature (escrow, reputation, on-chain settlement).
The verifier contract is documented in phase7-verify. Feedback welcome via Issues.